CVE-2020-13541

An exploitable local privilege elevation vulnerability exists in the file system permissions of the Mobile-911 Server V2.5 install directory. Depending on the vector chosen, an attacker can overwrite the service executable and execute arbitrary code with System privileges or replace other files within the installation folder that could lead to local privilege escalation.
References
Link Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1151 Exploit Technical Description Third Party Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1151 Exploit Technical Description Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:win911:mobile-911_server:2.5:*:*:*:*:*:*:*

History

21 Nov 2024, 05:01

Type Values Removed Values Added
References () https://talosintelligence.com/vulnerability_reports/TALOS-2020-1151 - Exploit, Technical Description, Third Party Advisory () https://talosintelligence.com/vulnerability_reports/TALOS-2020-1151 - Exploit, Technical Description, Third Party Advisory

19 Apr 2022, 16:15

Type Values Removed Values Added
CWE CWE-269 CWE-276

Information

Published : 2021-01-05 16:15

Updated : 2024-11-21 05:01


NVD link : CVE-2020-13541

Mitre link : CVE-2020-13541

CVE.ORG link : CVE-2020-13541


JSON object : View

Products Affected

win911

  • mobile-911_server
CWE
CWE-276

Incorrect Default Permissions